From owner-freebsd-chat@FreeBSD.ORG  Mon Nov  3 18:54:40 2003
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 160D316A4CE
	for <chat@freebsd.org>; Mon,  3 Nov 2003 18:54:40 -0800 (PST)
Received: from s1.stradamotorsports.com (ip30.gte4.rb1.bel.nwlink.com
	[209.20.215.30])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2A8AF43FCB
	for <chat@freebsd.org>; Mon,  3 Nov 2003 18:54:39 -0800 (PST)
	(envelope-from jcw@highperformance.net)
Received: from s1.stradamotorsports.com (s1.stradamotorsports.com
	[192.168.1.201])hA42sZwi003252
	for <chat@freebsd.org>; Mon, 3 Nov 2003 18:54:35 -0800 (PST)
	(envelope-from jcw@highperformance.net)
Date: Mon, 3 Nov 2003 18:54:35 -0800 (PST)
From: "Jason C. Wells" <jcw@highperformance.net>
X-X-Sender: jcw@s1.stradamotorsports.com
To: chat@freebsd.org
Message-ID: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Spam-Status: No, hits=0.0 required=5.0
	tests=USER_AGENT_PINE
	version=2.55
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
Subject: Too Much DNS Traffic / Analysis
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Nov 2003 02:54:40 -0000

I get what I think is way too much traffic on DNS.  I recently read about
DNS misconfigurations and the trouble they cause.  I am suspicious that I
am one of the culprits.  (I have been running with the same config for
a long time.  I would mortified to find that my DNS is fubar.)

My DNS works.  I can query the world and the world can query me.  One
point of concern is that my name server is behind a firewall with PAT/NAT.

In 'ipfw show' I can see that 528 packets came in on smtp.  20 packets
came in on http.  Something like 40,000 packets came in on DNS in one day.
This seems to be way too much DNS traffic for the little bit of use my
network sees.

Much of what I have read is all about data gathering and techniques for
analysing DNS.  This stuff is way too technical and not practical.

Can any of you point me to a good practical reference on how to be a good
net neighbor with respect to DNS?

Thanks,
Jason C. Wells